Resources
Success Story

Herjavec Group Incident Response Testimonial: Goldcorp Inc.

Learn about how Herjavec Group was able to help Goldcorp Inc. respond to a security incident and provide remediation services for their organization.

Video transcript:

Luis Canepari:
My name is Luis Canepari, I’m the VP of IT for Goldcorp, in my position for four years now. Earlier this year we had an ECM, a cybersecurity breach. The nature of the breach was malware-related Siro malware that a pastoral or normal defenses, your anti-virus or firewalls etc the hackers were able to compromise two dozen computers and extract some data. And then they tried to use it for extortion.

Matt Anthony:
When a customer is dealing with an incident, especially a major security incident, it’s really important that they have a partner who can help them and bring, call and order and structure to the issues. If they’re tired or if they’re panicked, or if they’re disorganized, there’s a real difficulty in making good decision..

Luis Canepari:
The thing that impressed me was when we made the phone call within 12 hours, we had a Matt the VP of incident response on site, helping us troubleshoot and actually taking control of the situation and helping us with the incident response management plan.

Matt Anthony:
I brought a team of people that did this malware analysis, and we were able to guide and direct their team in their remediation services and bring them back to normal operations pretty quickly

Luis Canepari:
As lesson learned from this, we expanded our manual around crisis management model, and now we have better procedures around how to handle a cybersecurity crisis.

Matt Anthony:
Goldcorp was remarkably transparent in their communications. One of their clear goals was to help the community. It wasn’t just, this happened to gold corp and we’re going to try to keep it secret. It was, this happened to Goldcorp let’s try to make sure nobody else gets affected by it.

Luis Canepari:
Everybody seems very happy of taking data from everybody else. Well, nobody wants to share what happened to them. We want to do it the other way. We want to share everything that happened to us so people can defend and look, the more that companies work together to share information and we share over security data.the safer we arll are. Relying on authorities alone is not enough. I mean, we need to do our part. I want to make sure that our companies are more secure and that we’re putting the right technologies and the right partnerships in place to make sure that when these things happen, you can respond immediately.